Verify TOTP verification

POST /api/experience/verification/totp/verify

Verifies the provided TOTP code against the new created TOTP secret or the existing TOTP secret. If a verificationId is provided, this API will verify the code against the TOTP secret that is associated with the verification record. Otherwise, a new TOTP verification record will be created and verified against the user's existing TOTP secret.

application/json

Body Required

  • code string Required

    The TOTP code to be verified.

    Minimum length is 1.

  • The verification ID of the newly created TOTP secret. This ID is required to verify a newly created TOTP secret that needs to be bound to the user account. If not provided, the API will create a new TOTP verification record and verify the code against the user's existing TOTP secret.

Responses

  • 200 application/json

    The TOTP code has been successfully verified.

    Hide response attribute Show response attribute object
    • verificationId string Required

      The unique verification ID of the TOTP verification record. For newly created TOTP secret verification record, this ID is required to bind the TOTP secret to the user account through Profile API.

  • Invalid TOTP code.

  • Verification record not found.

POST /api/experience/verification/totp/verify
curl \
 -X POST https://[tenant_id].logto.app/api/experience/verification/totp/verify \
 -H "Content-Type: application/json" \
 -d '{"code":"string","verificationId":"string"}'
Request examples
{
  "code": "string",
  "verificationId": "string"
}
Response examples (200)
{
  "verificationId": "string"
}